CVE-2014-100021 in OrangeHRMИнформация

Сводка

по MITRE

Cross-site scripting (XSS) vulnerability in symfony/web/index.php/pim/viewEmployeeList in OrangeHRM before 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the empsearch[employee_name][empId] parameter.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Резервировать

13.01.2015

Раскрытие

13.01.2015

Модерация

принято

Вход

VDB-73611

EPSS

0.01220

KEV

Нет

Деятельности

Очень низкий

Источники

Want to stay up to date on a daily basis?

Enable the mail alert feature now!